On Wed, 4 Aug 2010 15:32:39 -0700 "Peter Merritt" <[email protected]> wrote: > What would be the most barebones pf.conf for a OpenBSD 4.7 nat firewall > with 2 nics, that passes everything.
ext_if="em0"
table int_net const persist {10.10.1.0/24}
match out on $ext_if from <int_net> to any nat-to ($ext_if)
pass all
---
That's minimal (yes, you can write it shorter...), but it might not
be enough in every case.
"man pf.conf" and http://marc.info might also help...
regards,
Robert
